Threat Intelligence Blog

Weekly Threat Intelligence Brief: August 16, 2016

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.

Insurance/Healthcare

“A former Tampa General Hospital worker has been sentenced to 37 months in federal prison in a case involving criminal HIPAA violations and tax fraud.

Some privacy and security experts say such prosecutions of HIPAA cases could be on the rise – especially when the violations are tied to other crimes. The Tampa case joins a handful of other recent cases involving insiders who also received prison sentences for their illegal access or disclosure of patient data.”

Retail

“A Russian organized cybercrime group known for hacking into banks and retailers appears to have breached hundreds of computer systems at software giant Oracle Corp., KrebsOnSecurity has learned. More alarmingly, the attackers have compromised a customer support portal for companies using Oracle’s MICROS point-of-sale credit card payment systems.

Asked this weekend for comment on rumors of a large data breach potentially affecting customers of its retail division, Oracle acknowledged that it had “detected and addressed malicious code in certain legacy MICROS systems.” It also said that it is asking all MICROS customers to reset their passwords for the MICROS online support portal.”

Technology

“Over at Wired, Andy Greenberg reports that security researchers have discovered how to use software defined radio (SDR) to remotely unlock hundreds of millions of cars. The findings are to be presented at a security conference later this week and detail two different vulnerabilities.

The first affects almost every car Volkswagen has sold since 1995, with only the latest Golf-based models in the clear. Led by Flavio Garcia at the University of Birmingham in the UK, the group of hackers reverse-engineered an undisclosed Volkswagen component to extract a cryptographic key value that is common to many of the company’s vehicles.”